Key and lock device

ABSTRACT

A key and lock device comprises a key and a stand-alone lock. The key has an electronic circuitry with a first memory and a first contact. The lock has an electronic circuitry with a second memory means, and a second contact means arranged to co-operate with the first contact means. Also, there is a blocking mechanism adapted to block operation of the lock unless an authorised key is inserted in the lock. The memory of the key stores a public identification item of the key identifying a group of keys having identical mechanical codes. In the memory of the lock, there is provided a list of the public and secret identification items of authorised keys and a list of the public identification item of non-authorised keys, A key is authorised if the public and secret identification items are present in the list of authorised keys and the public identification item thereof is absent in the list of non-authorised keys. This provides for an easy and flexible way of authorising key and lock devices and adding new keys to a system.

FIELD OF INVENTION

[0001] The present invention relates generally to key and lock devices,and more specifically to electromechanical key and lock devices and locksystems comprising such devices.

BACKGROUND

[0002] It is previously known a variety of lock devices that useelectronic devices for increasing the security of the lock and forproviding effective administration, management, and control of keys andpersonnel. However, these devices have had the inherent drawback ofeither being wired with accompanying high installation costs or standalone devices requiring significant individual efforts to change orextend the system with keys and/or locks.

[0003] Another drawback of prior art lock systems is that they aredifficult to create and adapt to the specific requirements of acustomer.

[0004] The U.S. Pat. No. 4,887,292 (Barrett et al.) discloses anelectronic lock system provided with a “lockout list” that identifieskeys that are to be prevented from opening system locks. This system isadapted to be used with real estate lockboxes used in the real estateindustry to contain the keys of houses listed for sale. Theinflexibility of the disclosed system results in it not addressing theabove mentioned problems of prior art key and lock systems.

SUMMARY OF THE INVENTION

[0005] An object of the present invention is to provide for easy addingor deleting of authorisation of access to the operation of a lock by thekey.

[0006] Another object is to provide an electromechanical key and lockdevice of the kind initially mentioned wherein the distribution andassignment of keys are more secure than in known lock systems.

[0007] Another object is to provide a lock system with a high level ofkey control and wherein no keys can be added without the knowledge ofthe system owner.

[0008] Another object is to provide a lock system with a high level ofauthorisation control,

[0009] Another object is to provide a lock system that is easy to createand service.

[0010] Yet another object is to provide a key and lock device whereinthe assignment of keys is facilitated.

[0011] The invention is based on the realisation that certaininformation elements or items of an electronic key code will provide fora simple and yet secure distribution and assignment of keys in a masterkey system.

[0012] According to the invention there is provided a key and lockdevice as defined in claim 1.

[0013] There is also provided a lock system as defined in claim 14.

[0014] There is also provided a method of updating authorisationinformation of a lock device of a lock system as defined in claim 18.

[0015] Further preferred embodiments are defined in the dependentclaims.

[0016] A key and lock device and a lock system according to theinvention addresses the above mentioned problems and drawbacks of priorart devices. By providing a group concept together with lists indicatingauthorised and non-authorised devices easy adding and deleting of keysand locks is made possible while a high level of security is maintained.In a non-wired system, the group concept makes it possible to add newkeys to the system without having to access or alter existing locks.

BRIEF DESCRIPTION OF DRAWINGS

[0017] The invention is now described, by way of example, with referenceto the accompanying drawings, in which:

[0018]FIG. 1 is an overall view of a lock system according to theinvention;

[0019]FIG. 2 is a block diagram of a key and lock device according tothe invention;

[0020]FIG. 3 is a diagram showing the group concept used with theinvention;

[0021]FIGS. 4a and 4 b are diagrams showing information elements in akey and a lock, respectively, according to the invention; and

[0022]FIG. 5 is a diagram showing an example of distribution of locks inan office building.

DETAILED DESCRIPTION OF THE INVENTION

[0023] In the following, a detailed description of preferred embodimentsof the invention will be described.

[0024] Lock system and Tools

[0025] A lock system comprising lock devices according to the inventionwill now be described with reference to FIG. 1, which shows thedistribution of hardware and software tools among different hierarchicallevels of a lock system, namely customer 100, distributor 200 andmanufacturer 300. The manufacturer, distributors and customersconstitute the members of the overall lock system.

[0026] Each element, i.e., key, lock etc., in the system belongs to oneand only one master key system. This is to maintain the high securitylevels required of today's lock systems.

[0027] Software

[0028] At each level there is software installed. There are threedifferent kinds of software, one for each of the three levels:Manufacturer software (M-software), Distributor software (D-software)and Customer software (C-software).

[0029] Each installed software maintains a database comprisinginformation, such as encryption keys etc. In case the communicationencryption keys must be changed, the manufacturer sends the new keysencrypted with the current communication encryption key.

[0030] User keys

[0031] In the customer system 100, there are several user keys 101adapted for use with a number of locks 20.

[0032] Programming and authorisation key

[0033] There is at least one special programming and authorisation key(C-key) 102 for a customer system. A C-key can be a normal looking key,but with special features. It includes, like a normal user key, a simpleuser interface, either a small display or a buzzer.

[0034] There is a defined routine and sequence to replace a lost C-key.This routine leads back to the factory for authorisation.

[0035] Customer programming box

[0036] At the customer, there is a programming box 106 adapted forconnection to a computer (PC) 104 via e.g. a serial interface. Thisprogramming box comprises a static reader 107 and is used forprogramming keys and locks in the customer system. A static reader is akey reader without a blocking mechanism and thus comprises electroniccircuits etc. for reading and programming a key.

[0037] Optionally, the programming box can be provided with an internalpower source, thus also functioning as a stand alone box operatingdisconnected from the computer 104.

[0038] Although a customer programming box is shown in the figure, thisbox can be omitted in very small lock systems.

[0039] Customer software

[0040] The customer has access to a personal computer 104 runningcustomer administration software (C-software) with open systeminformation only. Thus, the C-software keeps track of which keys areauthorised in which locks in the lock system in question. It alsocontains information regarding secret identities of all keys of asystem.

[0041] Authorisation key for the distributor

[0042] There is an authorisation key (D-key) 202 for the distributor ofthe lock system, who can be e.g. a locksmith. The function of this keyis equivalent of the C-key. However, a D-key has special authorisationdata for the particular software with which it will be used. A D-key isalso used as a secure communication bridge for all distributor levelprogramming.

[0043] Distributor programming box

[0044] At the distributor, there is a programming box 206 adapted forconnection to a computer (PC) 204 via e.g. a serial interface, like aRS232C interface. This programming box can be identical to the onedescribed in connection with the customer system 100.

[0045] Distributor software

[0046] The distributor has special computer software (D-software) for apersonal computer 204. The D-software includes an open part for displayof open system information and for design of changes etc. It alsoincludes a secret part including authorisation codes and secret keywordsused in the system. The D-software also supports encrypted communicationto manufacturer lock system computer 304 through e.g. a modem connection208.

[0047] The D-software stores secret identities of keys, but not in plaintext but in an encrypted format. However, the encryption keys are notstored with the D-software but is present in the D-key. Thus, the D-keyis needed when the encrypted information is to be read.

[0048] The distributor software may use as a module a key/lock register,which constitutes the customer system. In that way, the distributor canwork transparently as if the distributor and customer software were onesystem. This is necessary for the distributor if he is going to beclosely involved with servicing the customer system.

[0049] Manufacturer key

[0050] There is an authorisation key (M-key) 302 with a function similarto the D-key, but with authorisation to M-software including all masterkey systems delivered by the manufacturer in question.

[0051] Manufacturer programming box

[0052] This is a programming box 306 similar to the distributorprogramming box.

[0053] Manufacturer software

[0054] The manufacturer has access to a personal computer 304 runningsoftware (M-software) with full authorisation for all operations.

[0055] The tools used create a flexible environment, which can beconfigured in a way to fit the market conditions. Authorisation can belimited or extended at the different levels. However, the manufacturercan always do everything that can be done. The distributor can neverstore secret codes himself and the customer can normally not create anew or extended system himself. The manufacturer can hereby control thelevel of authorisation for the distributor and the distributor cancontrol the system maintenance.

[0056] The above mentioned tools together determine the possibleoperations of the different parts. In practice, the system can operatein many different structures and set-ups. It all depends on to whom thedifferent tools are distributed. This provides a flexible system, whichcan be adapted for a wide range of applications.

KEY AND LOCK ELECTRONICS

[0057] In the following, a description of the key and lock electronicswill be given with reference to FIG. 2, which is a schematic blockdiagram of a key and a lock.

[0058] The key, generally designated 101 comprises an electroniccircuitry 101 a having a microprocessor, timer circuits etc. forexecuting the normal operations of a microprocessor arrangement.Specifically, a memory circuit 101 b has been shown electricallyconnected to the electronic circuitry. This memory circuit is used forstoring information regarding the key, as will be explained below.

[0059] A contact 101 c placed on the exterior of the key 101 is alsoshown electrically connected to the circuitry 101 a.

[0060] The lock, generally designated 20, comprises an electroniccircuitry 20 a having a microprocessor, timer circuits etc. forexecuting the normal operations of a microprocessor arrangement. Thiscircuitry 20 a is similar to the one 101 a located in the key. This isan advantage in that large-scale production reduces manufacturing costs.

[0061] A memory circuit 20 b is shown electrically connected to theelectronic circuitry 20 a. This memory circuit is used for storinginformation regarding the lock and authorised keys, as will be explainedbelow.

[0062] A contact 20 c is located in the lock 20 and is shownelectrically connected to the circuitry 20 a. This lock contact isarranged to co-operate with the key contact 101 a in order to establishelectric connection between the key electronics and the lockelectronics.

[0063] There is also an electrically controlled blocking mechanism 20 din the lock 20. This mechanism is controlled by means of drivingcircuitry (not shown) and opens the lock as a result of identificationof an authorised key in the lock.

GROUP CONCEPT

[0064] The customer level 100 of the master key system described withreference to FIG. 1 can be divided into different groups and each userkey 101 belongs to one and only one group. However, the groups can bedefined according to several different rules, which will be described inthe following.

[0065] Standard solution

[0066] The standard solution is to have one key cut per individual doorand one group per mechanical key cut. This solution is used in prior artlock systems and thus does not require any modification of the thinkingof developing a new MKS. This gives a very secure but somewhatinflexible solution.

[0067] Organisational solution

[0068] According to the organisational solution, one mechanical key-cutand one group is assigned to each “department” of the organisation usingthe MKS. Thus, in a typical company, the sales department, research anddevelopment department, security guards, production department 1,production department 2 etc. are each assigned to a specific group. Thisis illustrated in FIG. 3 showing the customer level of a MKS accordingto the invention.

[0069] The advantage of this solution is that less different mechanicalkey-cuts are required and that it gives flexibility in the set-up of thesystem.

[0070] One key-cut, many groups

[0071] According to this solution, few key-cuts are made. As an example,all individual user keys of one floor, several floors or even the entirecompany have the same key-cut. Further, all master keys have the samekey-cut, sub-master keys level 1 have another, level 2 yet another etc.

[0072] Groups are then defined as in the organisational solutiondescribed with reference to FIG. 3.

[0073] This solution gives very few mechanical key-cuts, resulting is avery flexible master key system.

[0074] The described solutions may of course be varied depending on thespecial requirements of the system. As an example, some departments maybe divided into several groups. Alternatively, several small departmentsmay constitute one group. The way the group concept is used can alsovary within an organisation. However, an important feature is that allkeys in one group are mechanically identical, i.e., with identicalkey-cuts. The reason therefor will be described below.

INFORMATION ELEMENTS

[0075] All keys and locks have a unique electronic identity or codecomprising several information elements controlling the functions of thekeys and locks. The information elements of a key or a lock will now bedescribed with reference to FIGS. 4a and 4 b, respectively.

[0076] The code is divided into different segments for the use ofmanufacturers, distributors, customers and individual key data's while asecret segment is provided for secret information and is alwaysindividual for the group.

[0077] All keys and locks have a unique electronic code or identity.Every lock code comprises the following parts:

[0078] Manufacturer identification (M)

[0079] Public Lock ID (PLID) comprising

[0080] Master Key System identification (MKS)

[0081] Function identification (F)

[0082] Group ID (GR)

[0083] Unique Identity (UID)

[0084] DES key

[0085] Secret Lock ID (SLID) comprising

[0086] Secret group ID (SGR)

[0087] Correspondingly, every key code comprises the following parts:

[0088] Manufacturer identification (M)

[0089] Public Key ID (PKID) comprising

[0090] Master Key System identification (MKS)

[0091] Function identification (F)

[0092] Group ID (GR)

[0093] Unique Identity (UID)

[0094] DES key

[0095] Secret Key ID (SKID) comprising

[0096] Secret group In (SGR)

[0097] The basic elements will now be described in more detail.

[0098] M—Manufacturer

[0099] M identifies the manufacturer of the master key system. In thedescription and examples of the invention given below, this element isomitted as all keys and locks are assumed to have the same manufacturer.

[0100] MKS—Master Key System

[0101] MKS identifies the different Master Key Systems. A lock willaccept a user key or a C-key only if they have the same MKS code. In thedescription and examples of the invention given below, this element isomitted as all keys and locks are assumed to belong to the same masterkey system.

[0102] F—Function

[0103] F identifies the role of the device; whether it is a lock, a userkey, a C-key, D-key or M-key.

[0104] GR—GRoup

[0105] GR is an integer identifying the group. GR is unique in each MKSand starts at 1 with an increment of 1.

[0106] UID—Unique Identity

[0107] UID identifies the different users in a group. UID is unique ineach GR, starts at 1 with an increment of 1.

[0108] DES

[0109] The DES comprises a randomly generated DES encryption key, thesame in one MKS. The DES is in no way readable from the outside and isonly used by the algorithms executed internally of the key and lockdevices.

[0110] SGR—Secret GRoup

[0111] SGR is a randomly generated number that is the same for one GR.

AUTHORISATION TABLE

[0112] In every lock there is an authorisation table stored inelectronic memory. The authorisation table determines which keys thelock in question accepts. The configuration and function will now bediscussed.

[0113] The authorisation table is divided into two parts, a list ofauthorised keys (the A-list) and a list of non-authorised keys (theNA-list). A key is authorised only if it is listed in the A-list but notin the NA-list. The A-list comprises both the PKID and the SKID ofauthorised keys. However, the NA-list comprises only the PKID and notthe SKID of non-authorised keys.

[0114] A key is listed by its group or its unique identity. In bothcases, it is determined by the PKID, comprising the information elementsGR-UID, see FIG. 4a. To specify the unique identity, the values of bothGR and UID are provided. However, in the case a group is to bespecified, UID is given the value “0”, denoting no specific key, becausethe UID for individual keys can take the values “1”, “2”, “3” etc. As anexample, a PKID of 2-0, i.e., GR=2 and UID=0, denotes the entire group 2of the master key system in question.

[0115] It is thus possible to authorise all keys of one group in onelock by memorising UID=0 for the GR in question. With this solution, allkeys of a group, whatever their UID, will be authorised to open thelock, provided they are not listed in the NA-list. This allows themaking of a new key, with a new UID, working directly in the lockwithout one having to reprogram the lock.

[0116] As already stated, when a key is listed in the A-list, the secretkey identity SKID is stored, too. The SKID is the same for all keys ofone group and is used for security reasons. It is not possible to readthe SKID from the keys or locks without having fulfilled specialauthentication procedures by means of a C-key, which will be discussedbelow.

[0117] If an entire group is authorised in the manner described above,it is possible to restrict the access of one or more keys of that groupby including their PKID in the NA-list of the lock.

[0118] An example of organisational grouping and authorisation will nowbe given with reference to FIG. 5, wherein an office building includingan R&D department and a sales department is schematically shown. Theentire office belongs to master key system 1, i.e., m=1 for all keys andlocks. There are all in all seven doors in the office, three belongingto the R&D department: R&D1, R&D2, and LAB, two belonging to the salesdepartment: SALES1 and SALES2, and two common doors, MAIN and COMMON.There are four people working in the office, two in the R&D department,Researchers 1 and 2, and two in the sales department, Salespersons 1 and2.

[0119] The master key system is divided into two electronically codedgroups, GR=1 (R&D) and GR=2 (Sales), each group with two keys. The PKIDof the keys are given in table 1 below: TABLE 1a Group User PKID(GR-UID) 1 Researcher 1 1-1 1 Researcher 2 1-2 2 Salesperson 1 2-1 2Salesperson 2 2-2

[0120] The authorisation tables of the different doors are given intable 2 TABLE 2a MAIN R&D1 R&D2 LAB COMMON SALES1 SALES2 A NA A NA A NAA NA A NA A NA A NA 1-0 1-1 1-2 1-0 1-0 2-1 2-2 2-0 2-0

[0121] In common doors, entire groups are listed in the A-list and inprivate doors, only the specific keys admitted are listed in the A-list.

[0122] With this configuration, all four employees are admitted throughthe main door and to the common room. Only the researchers are admittedto the lab. To the four personal rooms, only the person working thereinis admitted.

[0123] If one of the employees quits and is replaced by another, newkeys must be issued and locks must be reprogrammed. Assume thatResearcher 1 quits without returning his keys and is replaced byResearcher 3. The identities of the issued keys will now look like intable 1b: TABLE 1b Group User PKID (GR-UID) 1 Researcher 1 1-1 1Researcher 2 1-2 1 Researcher 3 1-3 2 Salesperson 1 2-1 2 Salesperson 22-2

[0124] Access to the office must be denied to Researcher 1 and insteadgiven to Researcher 3. The PKID of the key of Researcher 1 is thereforeadded to the NA-list of all locks where Researcher 1 was authorised. ThePKID of the key of Researcher 3 must be added to his private room. Theauthorisation tables will then look like in table 2b: TABLE 2b MAIN R&D1R&D2 LAB COMMON SALES1 SALES2 A NA A NA A NA A NA A NA A NA A NA 1-0 1-11-1 1-1 1-2 1-0 1-1 1-0 1-1 2-1 2-2 2-0 1-3 2-0

[0125] Additions compared to table 2a are indicated by boldface.

[0126] It is thus very easy to make the necessary changes to the locksof the master key system.

[0127] It is appreciated that if there are identical entries in the Aand the NA lists, both could be deleted to save memory.

[0128] The electronic coding can be supplemented by mechanical coding aswell. In the present example, there can only be two mechanical cuttings,MC1 and MC2, as there are only two electronically coded groups and themechanical coding must be the same within a group.

DEFINED OPERATIONS

[0129] In the following, an overview of the different operations in thesystem will be given. Initially, the original master key system iscreated and programmed by the manufacturer by means of the manufacturersoftware 304. This initial system includes one or more C-keys 102. Acomplete information on the created system is stored in the M-software304.

[0130] There are a number of defined operations with their separaterules. The possible operations are listed in the following:

[0131] Add Key

[0132] Add C-key

[0133] Replace Master C-key

[0134] Delete Key

[0135] Delete C-key

[0136] Authorise Key

[0137] Forbid Key

[0138] Read Audit Trail

[0139] Read Key List

[0140] Test

[0141] Read User Register

[0142] Update User Register

[0143] Control commands for programming device

[0144] Scan Programming Audit Trail

[0145] Scan Test results

[0146] Scan Key list from a lock

[0147] Scan Audit trail list from a lock

[0148] Identification of the lock

[0149] Delete Task

[0150] Delete Key List

[0151] Delete Audit Trail

[0152] Delete Programming Audit trail

[0153] Delete all

[0154] Status data:

[0155] Task activated in a C-key

[0156] Task done for a lock

[0157] Etc.

[0158] Some of these operations will now be discussed in detail.

[0159] Add Key Operation

[0160] A key is added to the number of authorised keys by adding itsPKID and SKID to the A-list.

[0161] Delete Key Operation

[0162] To delete authorisation of a key, the PKID and the SKID of thekey are deleted from the A-list. This is called the delete operation.From now on, the key is not authorised and to make it authorised, theadd operation must once again be performed.

[0163] Forbid Key Operation

[0164] As already stated, when a key or a group is authorised in a lock,its SKID is also memorised in the A-list of the lock. It is possible toinstruct a lock to copy the PKID to the NA-list and to leave the PKIDand SKID in the A-list. In this case, the lock will not open to the keyin question because a lock does not open to a key in the NA-list, evenif it is in the A-list. This operation to copy the PKID to the A-list iscalled a forbid operation.

[0165] Reauthorize Key Operation

[0166] If a forbid operation has been performed on a key, it is possibleto reauthorize the key without having its SKID, i.e., without access tothe key itself. The only thing you have to do is to delete the PKID inthe NA-list. This operation is called a reauthorization operation.

[0167] The combination of the forbid and reauthorize operations isuseful when a key is to be reauthorize without having access to the key.It means that the PKID and the SKID of a key has to be entered in theA-list only once. Thereafter, forbid or reauthorisation operations areperformed.

[0168] Replace Key Operation

[0169] The replace operation enables manufacturing of a key that willtell all locks in which the key has been inserted that it is replacing aspecific key. This operation can only be performed in locks in which thereplaced key was authorised. The operation checks that the previous keyis in the A-list and not in the NA-list. It then puts the PKID of thereplaced key on the NA-list.

[0170] With this operation, reprogramming is effected automatically.This is particularly useful when a key has been lost.

[0171] Create Installer Key Operation

[0172] In the initial stages of the creation of a lock system, there isa need for a so-called “Installer Key”. This is just a normal user keywith authorisation in all locks of the system and which is used duringinstallation. It must be excluded after use like any “lost” key.

[0173] C-KEYS

[0174] A C-key belongs to a master key system, but has a special codeinforming that it is a C-key. It also has a PKID but can not operatelocks as a user key. There is always a master C-key with a special GRcode. This is the first C-key.

[0175] For security reasons, C-keys are used for adding and deletingitems in the A-list or the NA-list of a lock. In each lock, theidentities of all C-keys that are allowed to make changes in theauthorisation tables are recorded in the A-list. Thereby, it is possibleto modify rights to different C-keys in different locks. However, C-keysdo not contain any information on the user keys.

[0176] The Master C-key is used for changing the authorisations ofC-keys. The Master C-key is recorded in all locks of a master keysystem. The Master C-key is also allowed to make changes of the user keyauthorisations.

[0177] The C-keys are also used to guarantee the security of data storedin the c-software. In combination with a PIN code entered by a user, aC-key enables reading of encrypted data in the C-software.

[0178] If a C-key is lost, authorisations can be changed by means of theMaster C-key. If the Master C-key is lost, the manufacturer delivers anew Master C-key. By means of this new Master C-key and the replaceoperation, the lost Master C-key can be replaced in all locks in themaster key system and the C-software.

[0179] Use of C-keys

[0180] A C-key can be used in different ways for programming locks in amaster key system. In the following, the different ways of programminglocks will be described, partly with reference to FIG. 1.

[0181] Operations with C-Software

[0182] The C-Software of a lock system keeps track of the locks, keys,and their authorisations. If a modification is wanted, it is done in theC-Software of the customer computer 104 and is then downloaded to theC-key by means of the programming box 106 connected to the computer. Theprocedure at the lock is then as follows: The C-key is then insertedinto a lock 20 where modifications are wanted during a specified timeinterval and the new information is transferred from the C-key to thelock 20.

[0183] Thus, when using the C-software, the information items regardingthe updated user key authorisations are supplied from the C-software,stored in the C-key and supplied to the lock.

[0184] When an operation has been executed correctly for a specificlock, this is written to the C-key. It is then possible to update thestatus of the system in the C-Software database describing the system.In that way, the current status of the master keys system is alwaysstored in the C-Software.

[0185] Operations with a programming device

[0186] If the c-Software is unavailable, it is possible to change theauthorisation table of a lock by using a C-key and a programming device.This programming device can be the above-described box 106 operatingdisconnected from the computer 104. Alternatively, it is a dedicatedportable box not shown in the figures and provided with a display and akeypad.

[0187] As an alternative, a low cost programming device can sometimes beused instead of the usual programming box. With this low costalternative, only the delete, forbid and reauthorize operations arepossible to perform.

[0188] To perform the add operation, an authorised C-key, a programmingdevice and the key are needed. The key is needed because the SKID isneeded in the A-list. The C-key can be either a separate key insertedinto the box or integrated into the box. An add operation is thenselected from a menu and this information is transferred to the lock.

[0189] It is also possible to perform other operations in a similar way,such as to authorise an entire group with such a solution by having onekey of this group because all keys in a group have the same SKID.

[0190] To perform a delete operation, an authorised C-key and aprogramming device are needed. By means of the programming device, thePKIDs of keys in the A- and NA-lists are scrolled the key to be deletedselected. The key to be deleted is not required because it is possibleto put the PKID of an authorised user key in the NA-list and to deleteits PKID and SKID from the A-list, even without the user key present.

[0191] Thus, when using a programming device, the information itemsregarding the updated user key authorisations are supplied from the userkey and directly to the lock.

[0192] Operations without a programming device

[0193] With just a C-key and a user key, it is possible change theauthorisation of the user key in a lock. The C-key is first insertedinto the lock for a specified time. The user key is then inserted intothe lock. The C-key is then again inserted into the lock to confirm theupdate. Depending on the operation wanted, the C-key is inserted fordifferent time intervals.

[0194] It is possible to delete all keys from the A-list. It is notpossible to delete one single lost key from the A-list without deletingall keys in the list. However, it is possible to delete a key from theA-list if the key is present together with an authorised and programmedC-key.

[0195] The replace operation is possible to perform without aprogramming box. Thus, with a new key, a lost key can be replaced bymeans of the replace operation.

[0196] Like when using a programming device, the information itemsregarding the updated user key authorisations are supplied from the userkey and directly to the lock.

[0197] Other operations possible with a C-key

[0198] It is possible to give a C-key some functions to execute when itis used with locks. It is possible to give a C-key the function ofadding or deleting specific keys to the authorisation table. Whenissuing a number of new keys, it is thus possible for the manufacturerto supply a C-key with the new keys that functions to authorise all thenew keys in some or all of the locks in a system. This would simplifythe authorisation procedure significantly.

[0199] It should be noted that there are no links between the GR code ofuser keys and C-keys. However, it is possible to limit the use of C-keysto specific groups of a lock system.

[0200] D-Keys and M-Keys

[0201] D-keys (and M-keys) are used like C-keys. For certain operations,a D-key is required. As an example, at the distributor, when locks orkeys are to be added to the system, D-software 204 authorised by P-key202 is used together with downloading of necessary secret informationfrom M-software 304. The M-key is required when using the M-software.

[0202] The lock is then programmed at the customer either using theC-key 102 or by means of an adapter interconnecting the programming box106 and the lock 20.

[0203] A preferred embodiment of a key and lock device has beendescribed. It is realised that this can be varied within the scope asdefined by the claims. Thus, although a cylinder lock device has beendescribed, the invention is also applicable to other lock types as well,such as card locks.

[0204] Although an embodiment has been described, wherein both a publicidentification item and a secret identification item are stored in theA-list and the public identification item is stored in the NA-list, thiscould be varied. Thus, for example, it is entirely possible to storejust public or just secret identification items in both lists or anothercombination thereof.

1. An electromechanical key and lock device, comprising: a key having amechanical code and a key electronic circuitry comprising a lock memoryadapted for storing a public identification item of said key comprisinga group identification item identifying a group of keys having identicalmechanical codes, and a key contact; and a stand-alone lock having alock electronic circuitry comprising a lock memory adapted for storing alist of said public identification item and a secret identification itemof authorised keys, and a list of said public identification item ofnon-authorised keys, a lock contact arranged to co-operate with said keycontact, and a blocking mechanism adapted to block operation of saidlock unless an authorised key is inserted in the lock; wherein a key isauthorised if said public and secret identification items thereof arepresent in the list of authorised keys and said public identificationitem thereof is absent in the list of nonauthorised keys.
 2. The key andlock device according to claim 1 , wherein said key and lock memoriesare arranged to store an electronic code field comprising said publicidentification item, said secret identification item and an encryptionkey.
 3. The key and lock device according to claim 1 , wherein saidpublic identification item comprises a function identification itemidentifying one of the following functions: user key, customerauthorisation key, distributor authorisation key, manufacturerauthorisation key, and lock.
 4. The key and lock device according toclaim 1 , wherein said public identification item comprises a deviceidentification item identifying the different devices of a group andwherein the device identification item is unique in each group.
 5. Thekey and lock device according to claim 1 , wherein said secretidentification item is identical for all devices within a group.
 6. Thekey and lock device according to claim 1 , wherein a publicidentification item stored in said list of authorised keys or said listof non-authorised keys comprising a device identification item of aspecific value denotes an entire group.
 7. The key and lock deviceaccording to claim 1 , wherein secret identification items stored insaid key memory can only be read by means of a special authorisationkey.
 8. The key and lock device according to claim 1 , wherein a key isadded to the number of authorised keys by adding its public and secretidentification items to said list of authorised keys.
 9. The key andlock device according to claim 1 , wherein a key is deleted from thenumber of authorised keys by deleting its public and secretidentification items from said list of authorised keys.
 10. The key andlock device according to claim 1 , wherein a key is deleted from thenumber of authorised keys by adding its public identification item tosaid list of non-authorised keys.
 11. The key and lock device accordingto claim 1 , wherein a key is added to the number of authorised keys bydeleting its public identification item from said list of non-authorisedkeys.
 12. The key and lock device according to claim 1 , wherein a firstkey of the number of authorised keys is replaced by a second key bychecking whether said first key is authorised, adding said publicidentification item thereof to said list of non-authorised keys andadding said public and secret identification items of said second key tosaid list of authorised keys.
 13. The key and lock device according toclaim 1 , wherein a master authorisation key is recorded in saidauthorised list of all locks of a master key system.
 14. A lock systemcomprising key and lock devices according to any of the precedingclaims.
 15. The lock system according to claim 14 , comprising acustomer database arranged to keep track of which keys are authorised inwhich locks in said lock system.
 16. The lock system according to claim14 , comprising a distributor database including a key/lock registerhaving an open part for display of open system information for design ofchanges and a secret part including authorisation codes and secretkeywords used in the system.
 17. The lock system according to claim 14 ,comprising at least one authorisation key used for programming the lockdevices, said at least one authorisation key being authorised to updatesaid information stored in said lock memory of lock devices.
 18. Amethod of updating authorisation information of a lock device of a locksystem according to claim 14 , comprising the step of updating saidinformation in said lock memory of said lock device.
 19. The methodaccording to claim 18 when subordinated claim 15 , comprising thefollowing steps: transferring updating information from said customer ordistributor database to an authorisation key, and transferring updatinginformation from said authorisation key to said lock memory of a lockdevice.
 20. The method according to claim 18 , comprising the followingsteps: instructing an updating operation by inserting an authorisationkey into said lock, and transferring updating information from a userkey to said lock memory of said lock device.
 21. The method according toclaim 18 , comprising the additional steps of verifying the updatingoperation by inserting said authorisation key into said lock, andtransferring verification information from said authorisation key tosaid customer or distributor database.